Burp Suite Alternatives for Mac

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).

Proxyman is a high-performance macOS app, which enables developers to view HTTP/HTTPS requests from apps and domains.

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

Find security vulnerabilities right from your browser. Experience the next generation security tools without the need to install any additional software.

Check realtime and continuously for outdated web software on your server. Delivered by mail and an easy to use dashboard and get notified if PHP, Apache, cPanel, Wordpress, Drupal and many more become outdated.

Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.

Firefox add-on that lets you change headers and request parameters before they're sent to the server.